nextcloud /
server
@@ -25,116 +25,116 @@ |
||
| 25 | 25 | use OCP\IUser; |
| 26 | 26 | |
| 27 | 27 | class SMB extends Backend { |
| 28 | - public function __construct(IL10N $l, Password $legacyAuth) { |
|
| 29 | - $this |
|
| 30 | - ->setIdentifier('smb') |
|
| 31 | - ->addIdentifierAlias('\OC\Files\Storage\SMB')// legacy compat |
|
| 32 | - ->setStorageClass('\OCA\Files_External\Lib\Storage\SMB') |
|
| 33 | - ->setText($l->t('SMB/CIFS')) |
|
| 34 | - ->addParameters([ |
|
| 35 | - new DefinitionParameter('host', $l->t('Host')), |
|
| 36 | - new DefinitionParameter('share', $l->t('Share')), |
|
| 37 | - (new DefinitionParameter('root', $l->t('Remote subfolder'))) |
|
| 38 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 39 | - (new DefinitionParameter('domain', $l->t('Domain'))) |
|
| 40 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 41 | - (new DefinitionParameter('show_hidden', $l->t('Show hidden files'))) |
|
| 42 | - ->setType(DefinitionParameter::VALUE_BOOLEAN) |
|
| 43 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 44 | - (new DefinitionParameter('case_sensitive', $l->t('Case sensitive file system'))) |
|
| 45 | - ->setType(DefinitionParameter::VALUE_BOOLEAN) |
|
| 46 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL) |
|
| 47 | - ->setDefaultValue(true) |
|
| 48 | - ->setTooltip($l->t('Disabling it will allow to use a case insensitive file system, but comes with a performance penalty')), |
|
| 49 | - (new DefinitionParameter('check_acl', $l->t('Verify ACL access when listing files'))) |
|
| 50 | - ->setType(DefinitionParameter::VALUE_BOOLEAN) |
|
| 51 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL) |
|
| 52 | - ->setTooltip($l->t("Check the ACL's of each file or folder inside a directory to filter out items where the account has no read permissions, comes with a performance penalty")), |
|
| 53 | - (new DefinitionParameter('timeout', $l->t('Timeout'))) |
|
| 54 | - ->setType(DefinitionParameter::VALUE_TEXT) |
|
| 55 | - ->setFlag(DefinitionParameter::FLAG_OPTIONAL) |
|
| 56 | - ->setFlag(DefinitionParameter::FLAG_HIDDEN), |
|
| 57 | - ]) |
|
| 58 | - ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) |
|
| 59 | - ->addAuthScheme(AuthMechanism::SCHEME_SMB) |
|
| 60 | - ->setLegacyAuthMechanism($legacyAuth); |
|
| 61 | - } |
|
| 28 | + public function __construct(IL10N $l, Password $legacyAuth) { |
|
| 29 | + $this |
|
| 30 | + ->setIdentifier('smb') |
|
| 31 | + ->addIdentifierAlias('\OC\Files\Storage\SMB')// legacy compat |
|
| 32 | + ->setStorageClass('\OCA\Files_External\Lib\Storage\SMB') |
|
| 33 | + ->setText($l->t('SMB/CIFS')) |
|
| 34 | + ->addParameters([ |
|
| 35 | + new DefinitionParameter('host', $l->t('Host')), |
|
| 36 | + new DefinitionParameter('share', $l->t('Share')), |
|
| 37 | + (new DefinitionParameter('root', $l->t('Remote subfolder'))) |
|
| 38 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 39 | + (new DefinitionParameter('domain', $l->t('Domain'))) |
|
| 40 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 41 | + (new DefinitionParameter('show_hidden', $l->t('Show hidden files'))) |
|
| 42 | + ->setType(DefinitionParameter::VALUE_BOOLEAN) |
|
| 43 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL), |
|
| 44 | + (new DefinitionParameter('case_sensitive', $l->t('Case sensitive file system'))) |
|
| 45 | + ->setType(DefinitionParameter::VALUE_BOOLEAN) |
|
| 46 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL) |
|
| 47 | + ->setDefaultValue(true) |
|
| 48 | + ->setTooltip($l->t('Disabling it will allow to use a case insensitive file system, but comes with a performance penalty')), |
|
| 49 | + (new DefinitionParameter('check_acl', $l->t('Verify ACL access when listing files'))) |
|
| 50 | + ->setType(DefinitionParameter::VALUE_BOOLEAN) |
|
| 51 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL) |
|
| 52 | + ->setTooltip($l->t("Check the ACL's of each file or folder inside a directory to filter out items where the account has no read permissions, comes with a performance penalty")), |
|
| 53 | + (new DefinitionParameter('timeout', $l->t('Timeout'))) |
|
| 54 | + ->setType(DefinitionParameter::VALUE_TEXT) |
|
| 55 | + ->setFlag(DefinitionParameter::FLAG_OPTIONAL) |
|
| 56 | + ->setFlag(DefinitionParameter::FLAG_HIDDEN), |
|
| 57 | + ]) |
|
| 58 | + ->addAuthScheme(AuthMechanism::SCHEME_PASSWORD) |
|
| 59 | + ->addAuthScheme(AuthMechanism::SCHEME_SMB) |
|
| 60 | + ->setLegacyAuthMechanism($legacyAuth); |
|
| 61 | + } |
|
| 62 | 62 | |
| 63 | - public function manipulateStorageConfig(StorageConfig &$storage, ?IUser $user = null): void { |
|
| 64 | - $auth = $storage->getAuthMechanism(); |
|
| 65 | - if ($auth->getScheme() === AuthMechanism::SCHEME_PASSWORD) { |
|
| 66 | - if (!is_string($storage->getBackendOption('user')) || !is_string($storage->getBackendOption('password'))) { |
|
| 67 | - throw new \InvalidArgumentException('user or password is not set'); |
|
| 68 | - } |
|
| 63 | + public function manipulateStorageConfig(StorageConfig &$storage, ?IUser $user = null): void { |
|
| 64 | + $auth = $storage->getAuthMechanism(); |
|
| 65 | + if ($auth->getScheme() === AuthMechanism::SCHEME_PASSWORD) { |
|
| 66 | + if (!is_string($storage->getBackendOption('user')) || !is_string($storage->getBackendOption('password'))) { |
|
| 67 | + throw new \InvalidArgumentException('user or password is not set'); |
|
| 68 | + } |
|
| 69 | 69 | |
| 70 | - $smbAuth = new BasicAuth( |
|
| 71 | - $storage->getBackendOption('user'), |
|
| 72 | - $storage->getBackendOption('domain'), |
|
| 73 | - $storage->getBackendOption('password') |
|
| 74 | - ); |
|
| 75 | - } else { |
|
| 76 | - switch ($auth->getIdentifier()) { |
|
| 77 | - case 'smb::kerberos': |
|
| 78 | - $smbAuth = new KerberosAuth(); |
|
| 79 | - break; |
|
| 80 | - case 'smb::kerberosapache': |
|
| 81 | - if (!$auth instanceof KerberosApacheAuthMechanism) { |
|
| 82 | - throw new \InvalidArgumentException('invalid authentication backend'); |
|
| 83 | - } |
|
| 84 | - $credentialsStore = $auth->getCredentialsStore(); |
|
| 85 | - $kerbAuth = new KerberosAuth(); |
|
| 86 | - $kerbAuth->setTicket(KerberosTicket::fromEnv()); |
|
| 87 | - // check if a kerberos ticket is available, else fallback to session credentials |
|
| 88 | - if ($kerbAuth->getTicket()?->isValid()) { |
|
| 89 | - $smbAuth = $kerbAuth; |
|
| 90 | - } else { |
|
| 91 | - try { |
|
| 92 | - $credentials = $credentialsStore->getLoginCredentials(); |
|
| 93 | - $loginName = $credentials->getLoginName(); |
|
| 94 | - $pass = $credentials->getPassword(); |
|
| 95 | - preg_match('/(.*)@(.*)/', $loginName, $matches); |
|
| 96 | - $realm = $storage->getBackendOption('default_realm'); |
|
| 97 | - if (empty($realm)) { |
|
| 98 | - $realm = 'WORKGROUP'; |
|
| 99 | - } |
|
| 100 | - if (count($matches) === 0) { |
|
| 101 | - $username = $loginName; |
|
| 102 | - $workgroup = $realm; |
|
| 103 | - } else { |
|
| 104 | - [, $username, $workgroup] = $matches; |
|
| 105 | - } |
|
| 106 | - $smbAuth = new BasicAuth( |
|
| 107 | - $username, |
|
| 108 | - $workgroup, |
|
| 109 | - $pass |
|
| 110 | - ); |
|
| 111 | - } catch (\Exception) { |
|
| 112 | - throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved'); |
|
| 113 | - } |
|
| 114 | - } |
|
| 70 | + $smbAuth = new BasicAuth( |
|
| 71 | + $storage->getBackendOption('user'), |
|
| 72 | + $storage->getBackendOption('domain'), |
|
| 73 | + $storage->getBackendOption('password') |
|
| 74 | + ); |
|
| 75 | + } else { |
|
| 76 | + switch ($auth->getIdentifier()) { |
|
| 77 | + case 'smb::kerberos': |
|
| 78 | + $smbAuth = new KerberosAuth(); |
|
| 79 | + break; |
|
| 80 | + case 'smb::kerberosapache': |
|
| 81 | + if (!$auth instanceof KerberosApacheAuthMechanism) { |
|
| 82 | + throw new \InvalidArgumentException('invalid authentication backend'); |
|
| 83 | + } |
|
| 84 | + $credentialsStore = $auth->getCredentialsStore(); |
|
| 85 | + $kerbAuth = new KerberosAuth(); |
|
| 86 | + $kerbAuth->setTicket(KerberosTicket::fromEnv()); |
|
| 87 | + // check if a kerberos ticket is available, else fallback to session credentials |
|
| 88 | + if ($kerbAuth->getTicket()?->isValid()) { |
|
| 89 | + $smbAuth = $kerbAuth; |
|
| 90 | + } else { |
|
| 91 | + try { |
|
| 92 | + $credentials = $credentialsStore->getLoginCredentials(); |
|
| 93 | + $loginName = $credentials->getLoginName(); |
|
| 94 | + $pass = $credentials->getPassword(); |
|
| 95 | + preg_match('/(.*)@(.*)/', $loginName, $matches); |
|
| 96 | + $realm = $storage->getBackendOption('default_realm'); |
|
| 97 | + if (empty($realm)) { |
|
| 98 | + $realm = 'WORKGROUP'; |
|
| 99 | + } |
|
| 100 | + if (count($matches) === 0) { |
|
| 101 | + $username = $loginName; |
|
| 102 | + $workgroup = $realm; |
|
| 103 | + } else { |
|
| 104 | + [, $username, $workgroup] = $matches; |
|
| 105 | + } |
|
| 106 | + $smbAuth = new BasicAuth( |
|
| 107 | + $username, |
|
| 108 | + $workgroup, |
|
| 109 | + $pass |
|
| 110 | + ); |
|
| 111 | + } catch (\Exception) { |
|
| 112 | + throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved'); |
|
| 113 | + } |
|
| 114 | + } |
|
| 115 | 115 | |
| 116 | - break; |
|
| 117 | - default: |
|
| 118 | - throw new \InvalidArgumentException('unknown authentication backend'); |
|
| 119 | - } |
|
| 120 | - } |
|
| 116 | + break; |
|
| 117 | + default: |
|
| 118 | + throw new \InvalidArgumentException('unknown authentication backend'); |
|
| 119 | + } |
|
| 120 | + } |
|
| 121 | 121 | |
| 122 | - $storage->setBackendOption('auth', $smbAuth); |
|
| 123 | - } |
|
| 122 | + $storage->setBackendOption('auth', $smbAuth); |
|
| 123 | + } |
|
| 124 | 124 | |
| 125 | - public function checkDependencies(): array { |
|
| 126 | - $system = \OCP\Server::get(SystemBridge::class); |
|
| 127 | - if (NativeServer::available($system)) { |
|
| 128 | - return []; |
|
| 129 | - } elseif (Server::available($system)) { |
|
| 130 | - $missing = new MissingDependency('php-smbclient'); |
|
| 131 | - $missing->setOptional(true); |
|
| 132 | - $missing->setMessage('The php-smbclient library provides improved compatibility and performance for SMB storages.'); |
|
| 133 | - return [$missing]; |
|
| 134 | - } else { |
|
| 135 | - $missing = new MissingDependency('php-smbclient'); |
|
| 136 | - $missing->setMessage('Either the php-smbclient library (preferred) or the smbclient binary is required for SMB storages.'); |
|
| 137 | - return [$missing, new MissingDependency('smbclient')]; |
|
| 138 | - } |
|
| 139 | - } |
|
| 125 | + public function checkDependencies(): array { |
|
| 126 | + $system = \OCP\Server::get(SystemBridge::class); |
|
| 127 | + if (NativeServer::available($system)) { |
|
| 128 | + return []; |
|
| 129 | + } elseif (Server::available($system)) { |
|
| 130 | + $missing = new MissingDependency('php-smbclient'); |
|
| 131 | + $missing->setOptional(true); |
|
| 132 | + $missing->setMessage('The php-smbclient library provides improved compatibility and performance for SMB storages.'); |
|
| 133 | + return [$missing]; |
|
| 134 | + } else { |
|
| 135 | + $missing = new MissingDependency('php-smbclient'); |
|
| 136 | + $missing->setMessage('Either the php-smbclient library (preferred) or the smbclient binary is required for SMB storages.'); |
|
| 137 | + return [$missing, new MissingDependency('smbclient')]; |
|
| 138 | + } |
|
| 139 | + } |
|
| 140 | 140 | } |
@@ -60,7 +60,7 @@ |
||
| 60 | 60 | ->setLegacyAuthMechanism($legacyAuth); |
| 61 | 61 | } |
| 62 | 62 | |
| 63 | - public function manipulateStorageConfig(StorageConfig &$storage, ?IUser $user = null): void { |
|
| 63 | + public function manipulateStorageConfig(StorageConfig & $storage, ?IUser $user = null): void { |
|
| 64 | 64 | $auth = $storage->getAuthMechanism(); |
| 65 | 65 | if ($auth->getScheme() === AuthMechanism::SCHEME_PASSWORD) { |
| 66 | 66 | if (!is_string($storage->getBackendOption('user')) || !is_string($storage->getBackendOption('password'))) { |
